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DETAILED ACTION 

1 . Applicant's amendment received on 4/05/07 has been entered. 

The text of those sections of Title 35, U.S. Code not included in this action can be 
found in a prior office action. 

Response to Arguments 

2. Applicant's arguments have been carefully considered but not found persuasive. 
Applicant's amendment addressed the objections cited in the previous Office Action. 
As result, the objections cited in the previous Office Action are withdrawn. 

3. Applicant argues that rather than authenticating a password entry screen to a user, 
Pichlmaier discloses a data exchange to mutually validate remotely located 
computers, which applicant suggests, read on validating the entire computer system. 
The examiner points to Pichlmaier' s col. 2 lines 17-32, which clearly disclose 
authentication indicia authentipating the password entry screen to a user. 

4. Applicant argues that Pichlmaier does not disclose storing authentication indicia in a 
secure memory and supports its allegation by suggesting that Pichlmaier teaching of 
randomly generated numbers and enciphering techniques. 

The examiner points out that (even though memory in Pichlmaier's is a secure 
memory) claimed language does not include argued "secure memory". 

5. Applicant suggests that there is no motivation to combine Pichlmaier and Windows 
NT because, "the plain fact that terminating the programs as taught in Windows NT 
and Ozzie means terminating the very application programs needed by Pichlmaier to 
function". 
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Applicant's arguments are not found persuasive. Windows NT discloses halting 
programs not needed by the security module and, similarly to Pichlmaier's 
disclosure, the security module does not halt programs used to facilitate the 
authentication process. 

6. Claims 1-5, 7-12, 14-15, 17-18 and 20 

Claim Rejections - 35 USC § 103 

7. Claims 1-5, 7-12, 14-15, 17-18 and 20 remain rejected under 35 U.S.C. 103(a) as 
being unpatentable over Pichlmaier (U.S. Patent No. 5317637) in view of Windows 
NT as illustrated by Ozzie (U.S. Patent No. 5664099) and Hadfield et al. (Lee 
Hadfield, Dave Hater, Dave Bixler, "Windows NT Server 4 Security Handbook", 
1997, ISBN: 078971213). 

As per claims 1 and 11, Windows NT discloses authentication password entry 
screen, receiving a command to execute a password-protected secure function 
(Hadfield, "The Log-On process", pg. 80-81) that temporarily halts execution of 
programs not needed by a security module while the data entry screen is displayed 
and restarts halted programs after the password entry screen is removed from the 
display prompting a user to enter a password (Ozzie, col. 1 lines 51- col. 2 line 1). 
An ordinary artisan would appreciate that devices utilizing Windows NT systems 
comprise memory and processors. 
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8. Windows NT does not teach storing authentication indicia for authenticating 
password entry screens to a user in a memory of the computing device. 
Pichlmaier discloses a device comprising a secure processor and memory storing 
authentication indicia (data word, Pichlmaier, col. 2 lines 17-32). 

It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to implement the indicia for authentication password entry screen to a user 
in a memory of the computing device. One of ordinary skill in the art would have 
been motivated to perform such a modification in order to verify the authenticity of 
the device system (Pichlmaier, col. 1 lines 38-46). 

Similarly, it would have been obvious to one of ordinary skill in the art at the time of 
applicant's invention to implement Windows NT teaching into the device disclosed 
by Pichlmaier given the benefit of establishing a protected channel between a user 
and legitimate programs and terminate any hostile programs (e.g. Trojan horses, 
eavesdropping programs etc., Ozzie, col. 1 lines 46-67). 

9. As per claims 2 and 4, the indicia stored in the device module is obtained from a 
user (col. 2 lines 29-31) and as per claims 12 and 20, Pichlmaier discloses a 
removable smart card (Pichlmaier, Fig. 1). 

10. As per claim 3, it is clear the indicia taught by Pichlmaier reads on confidential data 
As a result, it would have been obvious to one of ordinary skill in the art at the time 
of applicant's invention to display the indicial for a limited time in order to prevent 
unnecessary exposure and as a result minimize threats of attacks. 
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11. As per claims 5, 7-8 and 14-15, as discussed above, Windows NT discloses halting 
any application programs which are in operation during the password entry 
sequence and after the information has been entered correctly the operating system 
returns control to the application. This reads on halting executing of programs 
running on the computing device not necessary for inputting the password while the 
password entry screen is displayed, inhibiting an operating system in the computing 
device from responding to interrupts not associated with the security module and 
inhibiting context-switching by an operating system in the computing device to 
programs not needed by the security module. 

12. As per claims 9-10 and 17-18, Windows NT does not explicitly teach a status table in 
RAM that is used by an operating system in the computing device, wherein each 
entry in the tables relate to a currently executing program and containing a status 
indication associated with the currently executing program, saving current setting of 
the status table and changing the current setting so as to inhibit execution by the 
operating system of the programs not needed by the security module. 

However, utilizing tables to store and retrieve related information are well-known in 
the art of computing (see previously provided to applicant Carter's reference: Fig. 
21-9 pg. 795). Utilized data structure to store data such as program status 
information would have been obvious to one of ordinary skill in the art at the time of 
applicant's invention given the benefit of table structure commercial success. 
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The name of a table (e.g. a status table, an alternate status table) would not affect 
functionality of the invention especially since the claim language does not preclude a 
status table to be different from an alternate status table. 
Furthermore, grouping information by common characteristics in different tables 
would have been an obvious variation. It would have been obvious to one of 
ordinary skill in the art at the time of applicant's invention to group similar information 
in the same table (e.g. information relating to a currently executing program in a 
status table, information relating to programs needed by security module in another 
table). One of ordinary skill in the art would have been motivated to perform such a 
modification in order to a quick access to related information. 
13. Claims 1, 3, 5, 7-11 and 14-15 and 17-18 remain rejected under 35 U.S.C. 103(a) as 
being unpatentable over Ozzie (U.S. Patent No. 5664099). 
As per claims 1,11 Ozzie discloses authentication indicia known to a user for 
authenticating password entry screens to the user (Fig. 2A-C, col. 3 lines 49-67 and 
col. 8 lines 65-67). Ozzie explicitly discloses that the apparatus implementing the 
indicia is a computer with memory (col. 3 lines 8-15) and computers inherently store 
data such as display data in memory. 

Furthermore, Ozzie discloses Windows NT, wherein Ozzie discloses receiving a 
command to execute a password-protected secure function (Control-Alt-Delete) that 
temporarily halts execution of programs not needed by a security module while the 
data entry screen is displayed and restarts halted programs after the password entry 
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screen is removed from the display prompting a user to enter a password (Ozzie,. 
col. 1 lines 51- col. 2 line 1). 

It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to incorporate Windows NT halting and restarting execution of programs 
not needed by a security module as disclosed by Windows NT given the benefit of 
establishing a protected channel between a user and legitimate programs and 
terminate any hostile programs (e.g. Trojan horses, eavesdropping programs etc., 
Ozzie, col. 1 lines 46-67). 

The examiner reminds applicant that in Windows NT, "the particular key sequence 
during information (password) entry" discussed by Ozzie is an authentication 
function executing the password-protected secure function based on the validity of 
the password entered by the user (for additional information see Hadfield reference 
for example: "The Log-On Process", pg. 80-81). 

Furthermore, it would have been obvious to one of ordinary skill in the art at the time 
of applicant's invention to remove data entry screens after successful authentication 
process in order to enable the authenticated users to access their desktop. Note 
that such a mechanism is frequently implemented in the prior art, e.g. Microsoft 
products such as Windows NT. 
14. As per claim 3, Ozzie clearly discloses removing the entry screen (Fig. 2A-C) would 
remove the indicia. Furthermore, it is clear from Ozzie's disclosure that indicia is 
confidential data displayed during the authentication process to authenticate the 
screen. Thus, it would have been obvious to one of ordinary skill in the art at the 
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time of applicant's invention to display the indicial for a limited time to prevent any 
security attacks. 

15. As per claims 5, 7-8 and 14-15, as discussed above, Ozzie discloses halting any 
application programs which are in operation during the password entry sequence 
and after the information has been entered correctly the operating system returns 
control to the application. This reads on halting executing of programs running on 
the computing device not necessary for inputting the password while the password 
entry screen is displayed, inhibiting an operating system in the computing device 
from responding to interrupts not associated with the security module and inhibiting 
context-switching by an operating system in the computing device to programs not 
needed by the security module. 

16. As per claims 9-10 and 17-18 Ozzie does not explicitly teach a status table in RAM 
that is used by an operating system in the computing device, wherein each entry in 
the tables relate to a currently executing program and containing a status indication 
associated with the currently executing program, saving current setting of the status 
table and changing the current setting so as to inhibit execution by the operating 
system of the programs not needed by the security module. 

However, utilizing tables to store and retrieve related information are well-known in 
the art of computing (see previously submitted to applicant Carter's reference: Fig. 
21-9 pg. 795). Utilized data structure to store data such as program status 
information would have been obvious to one of ordinary skill in the art at the time of 
applicant's invention given the benefit of table structure commercial success. 



* 
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The name of a table (e.g. a status table, an alternate status table) would not affect 
functionality of the invention especially since the claim language does not preclude a 
status table to be different from an alternate status table. 
Furthermore, grouping information by common characteristics in different tables 
would have been an obvious variation. It would have been obvious to one of 
ordinary skill in the art at the time of applicant's invention to group similar information 
in the same table (e.g. information relating to a currently executing program in a 
status table, information relating to programs needed by security module in another 
table). One of ordinary skill in the art would have been motivated to perform such a 
modification in order to a quick access to related information. 

1 7. Claim 4 remains rejected under 35 U.S.C. 1 03(a) as being unpatentable over Ozzie 
(U.S. Patent No. 5664099) in view of Cottroll (U.S. Patent No. 5465084). 

Ozzie discloses authentication credential: indicia, as discussed above. 

18. Ozzie does not teach that obtaining the credential from users. 

Cottrell discloses obtaining the authentication credential from users (Cottrell, col. 4 
lines 16-20). 

It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to obtain the authentication credential from users as disclosed by Cottrell. 
One of ordinary skill in the art would have been motivated to perform such a 
modification in order to use authentication credential easily remembered by the 

t 

users. 
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19. Claim 2 remains rejected under 35 U.S.C. 103(a) as being unpatentable over Ozzie 
(5664099) in view of Bertina (U.S. Patent No. 6091817). 

Ozzie discloses a device for executing a password-protected secure function 
comprising a secure processor and memory as discussed above. 

20. As per claim 2, Ozzie does not explicitly disclose storing the indicia in a security 
module. 

Bertina discloses storing data in a security module (Bertina, col. 2 lines 7-12). 
It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to data such as indicia in a security module as disclosed by Bertina. One of 
ordinary skill in the art would have been motivated to perform such a modification in 
order to restrict access to the data. 

21. Claim 11 and 20 remain rejected under 35 U.S.C. 103(a) as being unpatentable over 
Ozzie (5664099) in view of Challener (U.S. Patent No. 6598032). 

Ozzie discloses a device for executing a password-protected secure function 
comprising the processor and the memory as discussed above. 

22. Ozzie do not disclose the device comprising a smart card containing the processor 
and the memory. 

Challener discloses a removable smart card containing a processor and memory 
(Challener, col. 2 lines 6-15). 

It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to implement the processor and the memory disclosed by Ozzie into a 
removable smart card as disclosed by Challener. One of ordinary skill in the art 
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would have been motivated to perform such a modification in order to extend 
security into the Challener's card. 

Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .1 36(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Peter Poltorak whose telephone number is (571) 272- 
3840. The examiner can normally be reached Monday through Thursday from 9:00 
a.m. to 4:00 p.m. and alternate Fridays from 9:00 a.m. to 3:30 p.m 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kambiz Zand can be reached on (571) 272-381 1 . The fax phone number 
for the organization where this application or proceeding is assigned is (571) 273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 




